Total vulnerabilities in the database
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack.
Software | From | Fixed in |
---|---|---|
zend / zend_framework | 1.11.4 | 1.11.4.x |
zend / zend_framework | 1.11.11 | 1.11.11.x |
zend / zend_framework | 1.11.5 | 1.11.5.x |
zend / zend_framework | 1.11.12 | 1.11.12.x |
zend / zend_framework | 1.11.9 | 1.11.9.x |
zend / zend_framework | 1.11.6 | 1.11.6.x |
zend / zend_framework | 1.11.3 | 1.11.3.x |
zend / zend_framework | 1.11.13 | 1.11.13.x |
zend / zend_framework | 1.11.2 | 1.11.2.x |
zend / zend_framework | 1.11.0 | 1.11.0.x |
zend / zend_framework | 1.11.10 | 1.11.10.x |
zend / zend_framework | 1.11.8 | 1.11.8.x |
zend / zend_framework | 1.11.7 | 1.11.7.x |
zend / zend_framework | 1.11.1 | 1.11.1.x |
zend / zend_framework | 1.12.0 | 1.12.0.x |